Vulnerabilities in 17+ Elementor Add-on Plugins for WordPress
Millions of WordPress sites affected by vulnerabilities in Elementor add-on plugins
Bio
91
Advertisement
This vulnerability affects add-on plugins for Elementor that are created by third parties.
According to Wordfence:
“We found the same vulnerabilities in nearly every plugin we reviewed that adds additional elements to the Elementor page builder.”
So it seems that this vulnerability is fairly widespread within the third party plugins that are add-ons to Elementor
Stored Cross-Site Scripting Vulnerability
A stored cross-site scripting vulnerability is particularly problematic because the malicious script is uploaded to and stored on the website itself. Then when a user visits the affected web page the browser will execute the malicious script.